This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print this page

Risk Angles

Five questions on corporate governance and risk


An interview with Nicole Sandford, partner, Deloitte & Touche LLP and National Governance Services Practice Leader.

Corporate governance was more straightforward back in the day when roles were defined simply as “management acts, the board oversees.” But today, that approach may not hold up — not when boards are scrutinized from all sides by regulators, shareholders, the media, and analysts, to name a few.  

So what’s the primary role of the board of directors today? Is it to simply oversee executive management’s activities? Or should the board take an active role as strategic partners, working alongside management to deal with the enterprise’s toughest problems? And what’s the board’s role as it relates to risk and culture? There are no “one size fits all” answers, but it’s important that the board and executive management agree on how they will work together to build a Risk Intelligent organization.

In this Risk Angle, Nicole Sandford, partner, Deloitte & Touche LLP, offers her thoughts on some questions commonly asked about the role of the board. Then, Eric Pillmore, senior advisor, Deloitte LLP’s Center for Corporate Governance, adds his perspective from the front line as a former senior VP of corporate governance for a large multinational enterprise.

Quick links:
A closer look: Framing the future of corporate governance | Comments | Poll


Nicole's take

What’s the board’s role in corporate governance — and how does that differ from management’s role?

In most circumstances, the board plays an oversight role. However, depending on the issue or the company’s situation, the role of the board can swing from overseer to active participant. Typically, we see boards more actively involved in strategy and CEO succession than, say, operations and planning. Still, finding the right balance can be difficult. While there’s no right answer, it’s important that board members and executive management agree on how involved the board will be in key areas. The board can begin by asking themselves: how do we execute our fiduciary responsibilities while continuing to support management’s strategies to move the organization forward?

Why should boards change their approach now?

Your business can change in a heartbeat — and it probably will. In times of crisis or market fluctuation, the board may need to be more engaged in helping management create solutions. Executive teams who are working to execute strategies, especially in challenging economic times, need their board to be aligned behind a flexible model that’s able to shift based on business needs. A board that’s not aligned can cause the company to become “stuck” — unable to be agile when it needs it most.  

How does the board’s role in oversight of risks factor in?

Risk oversight should not be viewed as a process unto itself — it’s the foundation for everything the board and management do to properly govern the organization and make sound decisions.  
Many boards frame their activities for the oversight of risk into two areas: oversight of enterprise risk programs (risk management), and oversight of critical risks and risk decisions (risk governance). The latter includes setting risk appetite and risk tolerances, and monitoring strategic risks and related trends.

How can the board influence the corporate risk culture?

An organization’s success is, in large part, driven by how wisely it takes risks and how effectively it manages the risks it faces.  The enterprise’s culture comes into play here because people tend to do what they are rewarded to do. When selecting, evaluating, and compensating the CEO, the board sets the tone of the organization’s risk culture. It’s important to think through all potential implications — intentional and unintentional — of executive rewards to make sure the board is encouraging people to take risks intelligently. Similarly, the board should also understand how incentive programs implemented throughout the organization may influence the risk culture below the C-Suite.

How can companies evaluate the board’s effectiveness?

A well-designed assessment can give you a read on the board’s performance in each area of responsibility — strategy, performance, risk, and more. Does the board meet basic regulatory requirements? Follow common practices? Or even set the standard that others follow? Careful evaluation of skills and knowledge, process, information, and behavior can pinpoint areas of excellence and development opportunities, helping boards and executives understand which areas may need attention. This requires a fresh approach to board effectiveness assessments, which have tended to measure only past performance. A focus on what the board can do better in the future should be the core of the assessment, not simply an afterthought to address gaps in past performance.
Return to top


A closer look: Framing the future of corporate governance

Eric Pillmore, senior advisor, Deloitte LLP Center for Corporate Governance

Before joining Deloitte, I helped rebuild the governance structures at a multinational company recovering from crisis. My job was to inventory and prioritize governance risks across the enterprise and focus efforts and resources to help mitigate them. We developed our own basic framework for evaluating corporate governance risks, based on what we could gather from other public companies. However, looking back, we could have benefited from a broader perspective, drawing from leading practices and cross-industry insight.  An effective framework should consider the full range of governance issues — including board governance, strategy, performance, integrity, talent, and more — with risk and culture at its core.

Here are a few applications:  

  • Tactical advantage: A CEO who is stepping into a new role as board chairman can use a framework to help evaluate the board’s strengths and potential vulnerabilities to determine where efforts should be focused first.
  • Situational awareness: Senior executives and boards of a company approaching an Initial Public Offering often need to shift priorities as they move into a public environment. For example, a private equity board that’s previously been laser-focused on performance should now consider new risks that are likely to arise when they answer to outside stakeholders.
  • Birdseye view: Beyond evaluating board effectiveness, a framework may be used to evaluate and prioritize risks for global business units by incorporating local governance risks, such as legal and regulatory risks for each country of operation.

Regardless of application, it’s smart to prioritize focus areas. Talk with board members and leadership to get their insights into areas where your organization may be vulnerable. Then do a deeper dive into one or two of the most critical areas, focusing on what the board can do better now and in the future. Adopting a methodical approach to identifying potential corporate governance risks is the first step toward developing 20/20 foresight — and helping the board and management see eye to eye.  


Download the Risk Angle above.




By participating in this poll, you consent and acknowledge that your responses may be disclosed without attribution by Deloitte in future publications and you are authorized to respond to the poll on behalf of your company.

Please review the guidelines before providing your comments.*

As used in this document, “Deloitte” means Deloitte LLP and its subsidiaries. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting.



Related links

Share this page

Email this Send to LinkedIn Send to Facebook Tweet this More sharing options

Stay connected